← Back to Skills Marketplace
77
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install slide-writer
Description
把想法、大纲、文档或草稿变成结构清晰、设计精良的企业级 HTML 演示文稿。
Usage Guidance
This skill appears to implement slide generation as advertised, but it asks the agent to run `git pull --ff-only` on each run (auto-update) and includes local scripts that the agent may invoke. Auto-updating code at runtime lets the remote repo change the skill's behavior after you reviewed it. Before installing or enabling: 1) Inspect the included scripts (preview.sh, smoke-test.sh) and the Python files (apply-template-branding.py, inline-images.py) for any network calls, subprocess execs, or arbitrary shell commands. 2) If you want to use it, consider disabling the automatic git pull step or run the skill in an isolated environment (no network access) and update manually after reviewing changes. 3) Avoid providing any secrets or credentials to the skill; it does not need them. 4) If you must allow auto-updates, pin the repo to a trusted commit and periodically re-review upstream changes. If you want, I can: (A) list the exact contents of the four scripts for a quick inspection, or (B) highlight patterns (curl/wget/python requests/exec) to look for in the repository.
Capability Analysis
Type: OpenClaw Skill
Name: slide-writer
Version: 1.0.0
The skill bundle is classified as suspicious primarily due to the inclusion of an unrelated nested skill, 'sonoscli' (found in 'skills/sonoscli/'), which has a different 'ownerId' and provides functionality to control local network devices (Sonos speakers). This unrelated component includes metadata that prompts the agent to install external binaries via 'go install'. Additionally, the main 'SKILL.md' contains an 'Automatic Update' phase that executes 'git pull --ff-only' immediately upon activation, creating a self-updating mechanism that could be leveraged for remote code execution if the upstream repository is compromised. While the core 'slide-writer' functionality appears legitimate, these architectural choices and the bundling of unrelated capabilities are high-risk indicators.
Capability Tags
Capability Assessment
Purpose & Capability
Name/description, included templates, components and scripts match the stated purpose (converting drafts into single-file HTML presentations). However the SKILL.md requires an automatic git pull at runtime (Phase 0) to 'auto-update themes and rules', which is not necessary for generating a slide from local input and expands the skill's capabilities beyond the stated purpose.
Instruction Scope
SKILL.md instructs the agent to run shell commands (explicitly `git pull --ff-only` as 'must execute'), read repository files (themes/_index.md, template.html, components.md) and read/modify existing HTML files. The mandatory auto-update step introduces network operations and implicit trust in remote code changes. The skill also says it will 'infer from current user information' (unspecified), which could lead to the agent accessing environment or profile data not declared in requires.env.
Install Mechanism
There is no formal install spec (instruction-only), but the repo includes helper scripts (preview.sh, smoke-test.sh) and Python utilities. The primary risk is the SKILL.md's mandatory runtime `git pull` which fetches code from the remote repository each run. While the remote is a GitHub repo (a familiar host), auto-pulling code at runtime creates a mutable execution surface that can change behavior after initial review.
Credentials
The skill declares no required environment variables or credentials, which is proportionate. That said, the instructions reference inferring 'current user information' and expect to read and write files in the repository—these are reasonable for a generator but are not explicitly constrained in SKILL.md (no explicit list of allowed file paths).
Persistence & Privilege
always:false and no claim to modify other skills or global settings. The remaining concern is that autonomous invocation (platform default) combined with the SKILL.md auto-update behavior increases the blast radius: if the repo changes remotely, an autonomously-invoked skill can run newly-pulled code.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install slide-writer - After installation, invoke the skill by name or use
/slide-writer - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of Slide-Writer.
- Transform ideas, outlines, drafts, or meeting notes into well-structured, enterprise-grade HTML presentations.
- Automatically detects company/brand for theme matching, with 14 built-in company templates.
- Refines content for clarity, compresses long text to key points, and ensures each slide fits 100vh with no scrollbars.
- Generates a single standalone .html file with all CSS/JS inlined—zero dependencies.
- Supports two modes: creating new presentations (from outline or theme) and enhancing existing HTML slides.
- Built-in rules for content structure, design consistency, and component use to optimize clarity and impact.
Metadata
Frequently Asked Questions
What is Slide Writer?
把想法、大纲、文档或草稿变成结构清晰、设计精良的企业级 HTML 演示文稿。 It is an AI Agent Skill for Claude Code / OpenClaw, with 77 downloads so far.
How do I install Slide Writer?
Run "/install slide-writer" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Slide Writer free?
Yes, Slide Writer is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Slide Writer support?
Slide Writer is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Slide Writer?
It is built and maintained by FeeiCN (@feeicn); the current version is v1.0.0.
More Skills